Privacy Policy

  • Home
  • Privacy Policy

Privacy Policy for GoDialysis (Sradya Lifecare Pvt Ltd)

Effective Date: May 15, 2024

Last Updated: May 15, 2024

Version: 1.1

GoDialysis ("we," "us," or "our"), a venture of Sradya Lifecare Pvt Ltd, is committed to protecting the privacy and security of our patients, healthcare partners, and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.godialysis.org / www.adyalifecare.org) or use our mobile applications (Patient, Technician, and Partner Portals).

By using our services, you consent to the data practices described in this policy in accordance with the Digital Personal Data Protection Act, 2023 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Information We Collect

A. Personal Identification Information
  • Basic Details: Name, age, gender, address, and contact information (phone number, email).
  • Authentication: Mobile number and OTP-based verification data.
  • Government IDs: Aadhaar, PAN, or AB-PMJAY IDs for insurance/government scheme empanelment.
B. Sensitive Personal Data (Health Information)
  • Medical History: Chronic Kidney Disease (CKD) stage, comorbidities (diabetes, hypertension), and allergy profiles.
  • Real-time Vitals: Blood pressure, weight, and heart rate logged by technicians during Home or In-center sessions.
  • Prescriptions & Reports: Digital copies of nephrologist notes, lab results, and dialysis prescriptions.
  • Treatment Logs: Session duration, consumables used (scanned via QR code), and post-dialysis feedback.
C. Technical and Usage Data
  • Location Data: Precise GPS coordinates for dispatching Mobile Dialysis Vans or finding the nearest center.
  • Device Info: IP address, browser type, and app usage statistics.

2. Purpose of Data Collection

We process your data only for the following "Legitimate Uses":

  1. Service Delivery: To facilitate Home Dialysis, Mobile Van dispatch, and In-center bookings.
  2. Clinical Continuity: Sharing medical profiles with Nephrologists and Technicians to ensure safe treatment.
  3. Financial Processing: Facilitating payments via UPI/EMI and processing insurance or AB-PMJAY claims.
  4. Emergency Response: Using the SOS/Hotline trigger to dispatch nearest available emergency technicians.
  5. Quality Assurance: Monitoring hygiene compliance through QR-code verification of single-use consumables.

3. Data Sharing and Disclosure

We share your information only under the following circumstances:

  • Healthcare Partners: With hospital partners, nephrologists, and technicians involved in your specific care journey.
  • Government Authorities: For processing claims under Ayushman Bharat (PMJAY) or other state health schemes.
  • Service Providers: With secure third-party vendors for AWS cloud hosting, SMS/WhatsApp notifications, and payment gateways.
  • Legal Requirements: When required by law or to protect the safety and rights of Sradya Lifecare Pvt Ltd and its users.

Note: We do not sell or rent patient health data to third-party marketing companies.

4. Data Security & Storage

GoDialysis adheres to international security standards as highlighted in our operational framework:

  • Cloud Security: Hosted on Amazon Web Services (AWS) with multi-layer encryption.
  • Compliance: We strive for ISO 27001 standards and conduct regular VIPT (Vulnerability Assessment and Penetration Testing).
  • Access Control: Access to sensitive health data is restricted via Role-Based Access Control (RBAC) for technicians and admins.

5. User Rights (DPDP Act 2023)

Under Indian law, you have the following rights:

  • Right to Access: Request a summary of your personal data and processing activities.
  • Right to Correction/Erasure: Correct inaccurate data or request the deletion of data no longer required for treatment or legal purposes.
  • Right to Withdraw Consent: You may withdraw consent at any time, though this may limit our ability to provide dialysis services.

6. Data Retention

  • Medical Records: Retained as per the Clinical Establishments Act and Indian Medical Council guidelines (typically 3 to 10 years).
  • Administrative Data: Deleted when the purpose for collection is fulfilled, unless required for audit/tax purposes.

7. Cookies and Tracking

We use cookies to improve website navigation and analyze traffic. You can manage cookie preferences through your browser settings.

8. Updates to this Policy

We may update this policy periodically to reflect changes in law or our services. Continued use